(54) Password protection for removable hard drive

(57) A device and method for preventing access to data on a hard drive (10) in which a first password is stored (14) on the hard drive so that it is not accessible from a system (16) in which the hard drive is installed, and in which a second password is provided from the system (16). A comparison of the two passwords is made in a processor (20) in the hard drive to determine whether the two passwords are the same. If the two passwords are not the same, access to the hard drive is denied.

Description

The present invention relates to methods and devices for controlling access to data, and more particularly to a method and device for preventing unauthorized access to data on a hard drive, regardless of the system in which the hard drive is installed and the password protection available in the system.

As is known, stored data on a data storage device may be protected from unauthorized access in various ways. For example, an operating system program resident in a system in which the data storage device is installed may provide password protection. (The term "password" refers to a sequence of characters in a defined format that is desirably kept secret and used for controlling access to data.) Password protection programs prompt a would-be user to provide a password and deny access unless the user enters a password which matches a predetermined password located in non-volatile memory in the system (i.e. a storage medium which does not lose its contents when system power is removed, such as CMOS, flash memory, and hard disks). However, these methods are easily bypassed by erasing the non-volatile memory and thus the password protection (e.g. clearing the CMOS memory by removing the associated battery) or by simply removing the data storage device (e.g. hard drive, floppy disk, PCMCIA memory card, etc.) from the password protected system and installing the data storage device in a non-password protected system.

This problem has been exacerbated by recent technology advances. Data storage devices have become smaller and more easily moved from one system to the next, and many laptop and notebook computers use standard data storage devices such as Intelligent Drive Electronics (IDE) hard drives that are purposely engineered to be easily moved from one laptop or notebook computer to the next. It is clearly desirable to provide protection for data stored on a removable data storage device that is independent of the system in which it is installed. It would be a further advantage to be able to use existing technology with only slight modifications to preserve the investments made therein.

Accordingly, it is an object of the present invention to provide a novel device and method for controlling access to data stored on a removable data storage device which obviates the problems of the prior art.

According to the invention there is provided a method of controlling access to data on a removable data storage device, said device being useable in any one of a plurality of systems for processing the data accessed from the data storage device, characterized by the steps of:

(a) storing a first password on the data storage device so that the first password can be accessed only by the data storage device;

(b) providing a second password to the data storage device from a system seeking access to the data on the data storage device;

(c) comparing the first and second passwords on the data storage device; and

(d) permitting access by said system to the data on the data storage device only if the first and second passwords are the same.

The invention will now be described by way of example only with reference to the accompanying drawings in which:-

Figure 1 is a block diagram of an embodiment of the present invention;

Figure 2 is an embodiment of a logic unit of the present invention which provides an access-controlling signal; and

Figure 3 is an embodiment of an access-controlling device in a hard drive of the present invention.

With reference to Figure 1, a hard drive 10 has a storage medium 12 for storing data. The storage medium 12 has a unit 13 for reading and writing data and a predetermined storage location 14 for storing a first password, storage location 14 not being accessible from a host system 16 in which the hard drive 10 is installed. Hard drive 10 also includes a memory (e.g. RAM) 18 for receiving a second password from system 16, a comparator 20 for comparing the first and second passwords and for providing an enable signal when the first and second passwords are the same, and a logic circuit 22 for receiving the enable signal and denying access to storage medium 12 from system 16 in the absence of the enable signal.

Hard drive 10 may include discrete components for accomplishing the functions set forth above, but preferably includes specifically configured firmware in conventional components for accomplishing the functions. System 16, which may be conventional, may optionally include a data request interface 24 (typically an Intelligent Drive Electronics - IDE - interface, although the invention is not limited to IDE devices) for providing a request for access to data on storage medium 12.

By way of further explanation, the first password may be stored in location 14 in storage medium 12 in non-volatile memory. While any number of non-volatile memory options are available and known in the art, preferably the first password is stored on platters (storage media) of the hard drive in a reserved location 14 not accessible from interface 24. This may be accomplished in a manner similar to that currently used by many 2.5" and 3.5" hard drives for storing drive firmware on hidden tracks of the platters. As will be appreciated by those of skill in the art, "hidden tracks" refers to the inability of interface 24 to access the tracks but does not refer to the ability of hard drive 10 to access those tracks.

The presence of a password in storage location 14 provides the initial access control. If a password is found there, access will not be granted until an enable signal has been provided. If storage location 14 is blank (i.e. does not include a sequence of characters that meets the definition of a password), the hard drive is unprotected and behaves as any other unprotected drive, providing data on request.

An optional BIOS 25 in system 16 may be used to provide the second password to hard drive 10 from interface 24 along with an unlock command. BIOS 25 may prompt the user to enter the second password during power-up. The unlock command informs hard drive 10 that the second password is now available to it, and that it should load the second password into RAM 18 in preparation for the comparison of the two passwords in comparator 20. Currently there is no unlock command in a typical IDE interface command set, and such a command may be added by conventional techniques.

The second password may be stored in a volatile memory 26 in system 16, such as a RAM where stored contents are lost in the absence of power. When access to data on hard drive 10 has been granted and then subsequently denied (e.g. when power to the hard drive is interrupted such as when the hard drive powers down for energy conservation and the enable signal is lost), the second password must be provided again to the hard drive in order to access data. When power is returned to the hard drive, BIOS 25 checks RAM 26 for the presence of a second password and automatically provides the stored second password to the hard drive for comparison with the first password in the manner described above. Alternatively, BIOS 25 may ask the user to provide the second password each time.

The BIOS 25 may be used to provide a new first password to hard drive 10 through interface 24 with an appropriate command such as "set password" which tells hard drive 10 to store the new first password in location 14. Once the first password has been stored, data on storage medium 12 cannot be accessed until the BIOS generated unlock command is presented to logic unit 22 from IDE 24 along with the (proper) second password so that the enable signal may be provided.

Comparator 20 in hard drive 10 may compare the first and second passwords to determine whether they are the same. Firmware in a Read Only Memory (ROM) 27 may load the first password into RAM 18 and comparator 20 (e.g. a microprocessor on-board the hard drive) may then compare the first and second passwords from RAM 18. Operation of comparator 20 may be conventional and may be embodied in firmware, with a preferred embodiment including a character-by-character comparison to determine equality. If the two passwords are the same, comparator 20 provides an enable signal to logic unit 22. Further security restrictions may be imposed on the choice of passwords, such as length, and selection of characters that are known to force users to create passwords that are harder to guess.

The operation of logic unit 22 may be understood with reference to Figure 2 which depicts an embodiment of the unit, although it is to be understood that the logic unit of Figure 2 is but an example and that other embodiments of the logic unit may be used, including firmware in hard drive electronics. An AND gate 30 may receive the unlock signal from BIOS and the enable signal (indicating that the two passwords are the same) from comparator 20. For example, if TRUE is used to indicate access has been requested and permitted, and both inputs to gate 30 are TRUE, the appropriate access-controlling signal may be provided to unlock storage medium 12.

Locking and unlocking of storage medium 14 may be accomplished in several ways. Preferably unauthorized read and write requests may be refused by firmware in hard drive electronics which returns an appropriate error code indicating access has been denied. In a further embodiment of an access-controlling mechanism illustrated in Figure 3, access may be controlled by restricting the flow of data in one or both directions between the drive's read/write head 36 and hard drive electronics 38.

While the foregoing embodiment refers to an IDE interface, the invention may also be used with other types of interfaces, including without limitation a Serial Communication Standard Interface (SCSI), and a Fast IDE Interface. Further, the invention also finds application in data storage devices other than hard drives, and use of the term hard drive herein refers to data storage devices, such as PCMCIA memory cards and the like, which can be adapted to have a "hidden" location for storing the first password and an incorporated data reader for reading the contents of that location so that the first password does not have to be read - and possibly compromised - by the system in which the data storage device is installed.

In a further embodiment of the present invention a fleet password for accessing plural storage media may be used in the same manner as described above. A fleet password may be established and retained by a system administrator to provide an alternative means of accessing data on a restricted storage medium if the above-described second password is lost. A first fleet password common to a plurality of hard drives 10 may be stored in location 14 with the first password and may be compared to a second fleet password in the manner discussed above. For example, logic unit 22 may include an additional AND gate 32 which has as one input the result of the comparison of the first and second fleet passwords and as the other input a BIOS generated unlock signal. The outputs of gates 30 and 32 may be provided to OR gate 34 which provides the appropriate signal to control access to storage medium 12.

In operation, the second password may be compared to the first password, and if it does not match a further comparison may be made to the first fleet password. If the second password matches either, access would be granted.
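The gate logic of Figure 2 and the fleet-password path described above, modelled in C as an added example (it is not code from the patent or from any drive firmware). The struct layout, the function names, PW_MAX and the -1 error code are assumptions; the comparator scans the full password slot instead of returning at the first differing character, which is a hardening choice made here, whereas the description only calls for a character-by-character comparison.

```c
#include <stdbool.h>
#include <string.h>
#define PW_MAX 32                 /* assumed maximum password length */

struct drive {                    /* hypothetical model of hard drive 10 */
    char first_pw[PW_MAX + 1];    /* location 14: first password */
    char fleet_pw[PW_MAX + 1];    /* location 14: first fleet password */
    bool enabled;                 /* output of OR gate 34 */
};

/* Copy a password into a fixed-size, zero-padded slot. */
static void pw_store(char *slot, const char *pw)
{
    memset(slot, 0, PW_MAX + 1);
    strncpy(slot, pw, PW_MAX);
}

/* Comparator 20; full-slot scan (hardening added here) hides the mismatch position. */
static bool pw_equal(const char *stored, const char *given)
{
    unsigned char diff = 0;
    for (int i = 0; i <= PW_MAX; i++)
        diff |= (unsigned char)(stored[i] ^ given[i]);
    return diff == 0;
}

/* "set password": store the first and fleet passwords in location 14. */
void drive_set_passwords(struct drive *d, const char *first, const char *fleet)
{
    pw_store(d->first_pw, first);
    pw_store(d->fleet_pw, fleet);
    d->enabled = false;           /* locked until the next unlock command */
}

/* Unlock command from BIOS 25 carrying the second password. */
bool drive_unlock(struct drive *d, const char *second)
{
    char ram[PW_MAX + 1];                       /* RAM 18 */
    pw_store(ram, second);
    bool gate30 = pw_equal(d->first_pw, ram);   /* AND gate 30 */
    /* AND gate 32: a blank fleet slot must never match an empty password. */
    bool gate32 = d->fleet_pw[0] != '\0' && pw_equal(d->fleet_pw, ram);
    d->enabled = gate30 || gate32;              /* OR gate 34 */
    return d->enabled;
}

/* Power interruption or power-down: the enable signal is lost. */
void drive_power_cycle(struct drive *d) { d->enabled = false; }

/* Request from interface 24: 0 if allowed, -1 (error code) if denied. */
int drive_read(const struct drive *d)
{
    return (d->first_pw[0] == '\0' || d->enabled) ? 0 : -1;
}
```

In this model pw_store truncates passwords longer than PW_MAX, so a real "set password" handler would reject over-long input instead of storing a shortened value.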
Claims

1. A method of controlling access to data on a removable data storage device (10), said device being useable in any one of a plurality of systems (16) for processing the data accessed from the data storage device, characterized by the steps of:

(a) storing a first password on the data storage device (10) so that the first password can be accessed only by the data storage device;

(b) providing a second password to the data storage device from a system (16) seeking access to the data on the data storage device;

(c) comparing the first and second passwords on the data storage device; and

(d) permitting access by said system to the data on the data storage device only if the first and second passwords are the same.

2. A method according to Claim 1, characterized in that the first password is stored in a predetermined non-volatile storage location (14) in the data storage device (10).

3. A method according to Claim 2, characterized in that the two passwords are compared by the steps of providing the first password from the predetermined storage location (14) in the storage device to a comparator (20) in the data storage device, and comparing the two passwords in the comparator.

4. A method according to Claim 3, characterized in that access to the data is permitted by the steps of providing from the comparator an enable signal if the two passwords are the same, receiving a request for access to the data from the one of the systems, and allowing access to the data in the presence of the enable signal and the request for access.

5. A data storage device (10) removably installable in a data-access-requesting system (16), said device being characterized by a storage medium (12) having a predetermined storage location (14) for storing a first password, said storage location not being accessible from said system (16),

receiving means (18) for receiving a second password,

a comparator (20) for comparing said first and second passwords, and for providing an enable signal when said first and second passwords are the same, and

logic means (22) for denying access to said storage medium from said system in the absence of said enable signal.

6. A data storage device according to claim 5, characterized in that said storage location (14) further stores a fleet password, whereby when said receiving means (18) receives a second fleet password, said comparator (20) compares said first and second fleet passwords and provides said enable signal when said first and second fleet passwords are the same.

7. A data storage device according to claim 5 characterized in that said logic means (18) comprises a circuit between a read/write head (36) of said data storage device and drive electronics (38) for said data storage device, said circuit comprising a logical gate responsive to said enable signal.

8. A data storage device according to any one of claims 5, 6, or 7, characterized by comprising a hard drive.



EP 0 770 997 A2

FIG. 1 (block diagram; labels: BIOS UNLOCK, SECOND PASSWORD, ENABLE SIGNAL, FIRST PASSWORD; reference numerals 10, 16)

FIG. 2 (logic unit; inputs: BIOS UNLOCK FM 24 and ENABLE FM 20; BIOS UNLOCK FM 24 and FLEET PASSWORD ENABLE FM 20; output: TO 12)

FIG. 3 (access-controlling device; labels: SENSE AMP, WRITE AMP, READ DATA, WRITE DATA, DRIVE ELECTRONICS, FM 22; reference numerals 13, 36, 38)

(19) Europäisches Patentamt / European Patent Office / Office européen des brevets

(11) EP 0 770 997 A3

(12) EUROPEAN PATENT APPLICATION

(88) Date of publication A3: 07.01.1998 Bulletin 1998/02

(43) Date of publication A2: 02.05.1997 Bulletin 1997/18

(21) Application number: 96307662.5

(22) Date of filing: 23.10.1996

(51) Int. Cl.: G11B 19/02, G11B 20/00, G06F 1/00

(84) Designated Contracting States: DE FR GB

(30) Priority: 27.10.1995 US 549502

(71) Applicant: NCR INTERNATIONAL INC., Dayton, Ohio 45479 (US)

(72) Inventor: Liebenow, Frank W., Greer, SC 29650 (US)

(74) Representative: Irish, Vivien Elizabeth, International IP Department, NCR Limited, 206 Marylebone Road, London NW1 6LY (GB)
